Centralisation des journaux (pas encore Elastic) #40

Manually merged
jeltz merged 24 commits from logs-first-phase into master 2024-07-01 01:55:28 +02:00
4 changed files with 85 additions and 0 deletions
Showing only changes of commit 7fd1b5ff5d - Show all commits

View file

@ -0,0 +1,4 @@
---
rsyslog_inputs: []
rsyslog_collector_base_dir: /var/log/remote
...

View file

@ -0,0 +1,4 @@
---
dependencies:
- role: rsyslog_common
...

View file

@ -0,0 +1,24 @@
---
- name: Install rsyslog-relp if needed
become: true
apt:
name: rsyslog-relp
state: latest
when: "rsyslog_inputs | selectattr('proto', 'eq', 'relp') | list"
- name: Ensure log storage directory exists
become: true
file:
path: "{{ rsyslog_collector_base_dir }}"
state: directory
- name: Deploy rsyslog input configuration file
become: true
template:
src: 10-collector.conf.j2
dest: /etc/rsyslog.d/10-collector.conf
owner: root
group: root
mode: u=rw,g=r,o=r
notify: Restart rsyslog
...

View file

@ -0,0 +1,53 @@
{{ ansible_managed | comment }}
module(load="mmrm1stspace")
{%
set input_modules = {
"relp": "imrelp",
"udp": "imudp",
}
%}
{%
for module in rsyslog_inputs
| map(attribute="proto")
| map("extract", input_modules)
| list
| unique
%}
module(load="{{ module }}")
{% endfor %}
template(name="incomingFilename" type="list") {
constant(value="{{ rsyslog_collector_base_dir }}/")
property(name="fromhost-ip")
constant(value="/")
property(name="timegenerated" dateFormat="year")
constant(value="-")
property(name="timegenerated" dateFormat="month")
constant(value="-")
property(name="timegenerated" dateFormat="day")
constant(value=".log")
}
ruleset(name="handleIncomingLogs") {
action(type="mmrm1stspace")
action(
type="omfile"
dynaFile="incomingFilename"
template="RSYSLOG_FileFormat"
)
}
# TODO: add protocol-specific options (eg. TLS)
{% for input in rsyslog_inputs %}
input(
type="{{ input_modules[input.proto] }}"
{% if "address" in input %}
address="{{ input.address }}"
{% endif %}
port="{{ input.port }}"
ruleset="handleIncomingLogs"
)
{% endfor %}